Find, fix and prevent vulnerabilities in your code.
high severity
- Vulnerable module: com.h2database:h2
- Introduced through: com.h2database:h2@2.3.232
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › com.h2database:h2@2.3.232
Overview
com.h2database:h2 is a database engine
Affected versions of this package are vulnerable to Remote Code Execution (RCE). It provides a web console for managing the database, and by default it does not have a password set. The CREATE ALIAS
function calls Java code, allowing an attacker to execute arbitrary Java code on projects running the h2 database.
NOTE: To be remotely exploitable, the affected application must be configured with the non-default setting webAllowOthers=true
, either in a config file or as a parameter passed in when the servlet is invoked. The vulnerability can be avoided by setting a password on the database and/or restricting access to localhost using the above setting.
PoC
CREATE ALIAS REVERSE AS $$ String reverse(String s) { return new StringBuilder(s).reverse().toString(); } $$;
CALL REVERSE('Test');
Remediation
There is no fixed version for com.h2database:h2
.
References
medium severity
- Vulnerable module: org.bouncycastle:bcprov-jdk15on
- Introduced through: org.bouncycastle:bcprov-jdk15on@1.69
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.bouncycastle:bcprov-jdk15on@1.69
Overview
org.bouncycastle:bcprov-jdk15on is a Java implementation of cryptographic algorithms.
Affected versions of this package are vulnerable to Uncontrolled Resource Consumption ('Resource Exhaustion') within the org.bouncycastle.openssl.PEMParser
class. Parsing a file that has crafted ASN.1
data through the PEMParser
causes an OutOfMemoryError
.
Workaround
The attack can be avoided by filtering PEM
requests containing EXTERNAL
tagged encodings.
Remediation
There is no fixed version for org.bouncycastle:bcprov-jdk15on
.
References
medium severity
- Vulnerable module: org.bouncycastle:bcprov-jdk15on
- Introduced through: org.bouncycastle:bcprov-jdk15on@1.69
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.bouncycastle:bcprov-jdk15on@1.69
Overview
org.bouncycastle:bcprov-jdk15on is a Java implementation of cryptographic algorithms.
Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the solveQuadraticEquation()
function used for certificate verification in ECCurve.java
. Passing a large f2m parameter can cause excessive CPU consumption.
Remediation
There is no fixed version for org.bouncycastle:bcprov-jdk15on
.
References
medium severity
- Vulnerable module: org.bouncycastle:bcprov-jdk15on
- Introduced through: org.bouncycastle:bcprov-jdk15on@1.69
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.bouncycastle:bcprov-jdk15on@1.69
Overview
org.bouncycastle:bcprov-jdk15on is a Java implementation of cryptographic algorithms.
Affected versions of this package are vulnerable to Information Exposure due to missing validation for the X.500 name of any certificate, subject, or issuer. The presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data.
Note:
The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.
Remediation
A fix was pushed into the master
branch but not yet published.
References
medium severity
- Module: ch.qos.logback:logback-classic
- Introduced through: org.springframework.boot:spring-boot-starter-security@3.3.4, org.springframework.boot:spring-boot-starter-webflux@3.3.4 and others
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-security@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-webflux@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework.boot:spring-boot-starter-aop@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework.boot:spring-boot-starter-jdbc@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-webflux@3.3.4 › org.springframework.boot:spring-boot-starter-json@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-rest@3.3.4 › org.springframework.boot:spring-boot-starter-web@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-rest@3.3.4 › org.springframework.boot:spring-boot-starter-web@3.3.4 › org.springframework.boot:spring-boot-starter-json@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8
Dual license: EPL-1.0, LGPL-2.1
medium severity
- Module: ch.qos.logback:logback-core
- Introduced through: org.springframework.boot:spring-boot-starter-security@3.3.4, org.springframework.boot:spring-boot-starter-webflux@3.3.4 and others
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-security@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-webflux@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework.boot:spring-boot-starter-aop@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework.boot:spring-boot-starter-jdbc@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-webflux@3.3.4 › org.springframework.boot:spring-boot-starter-json@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-rest@3.3.4 › org.springframework.boot:spring-boot-starter-web@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-rest@3.3.4 › org.springframework.boot:spring-boot-starter-web@3.3.4 › org.springframework.boot:spring-boot-starter-json@3.3.4 › org.springframework.boot:spring-boot-starter@3.3.4 › org.springframework.boot:spring-boot-starter-logging@3.3.4 › ch.qos.logback:logback-classic@1.5.8 › ch.qos.logback:logback-core@1.5.8
Dual license: EPL-1.0, LGPL-2.1
medium severity
- Module: com.h2database:h2
- Introduced through: com.h2database:h2@2.3.232
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › com.h2database:h2@2.3.232
Dual license: EPL-1.0, MPL-2.0
medium severity
- Module: org.aspectj:aspectjweaver
- Introduced through: org.springframework.boot:spring-boot-starter-data-jpa@3.3.4
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework.boot:spring-boot-starter-aop@3.3.4 › org.aspectj:aspectjweaver@1.9.22.1
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.springframework:spring-aspects@6.1.13 › org.aspectj:aspectjweaver@1.9.22.1
EPL-1.0 license
medium severity
- Module: org.hibernate.common:hibernate-commons-annotations
- Introduced through: org.springframework.boot:spring-boot-starter-data-jpa@3.3.4
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.hibernate.orm:hibernate-core@6.5.3.Final › org.hibernate.common:hibernate-commons-annotations@6.0.6.Final
LGPL-2.1 license
medium severity
- Module: org.hibernate.orm:hibernate-core
- Introduced through: org.springframework.boot:spring-boot-starter-data-jpa@3.3.4
Detailed paths
-
Introduced through: jultty/mirante@jultty/mirante#de2ead52c84d9432147461afb6a650063bce5353 › org.springframework.boot:spring-boot-starter-data-jpa@3.3.4 › org.hibernate.orm:hibernate-core@6.5.3.Final
LGPL-2.1 license